Microsoft — Azure MCP Server authentication flaw exposes sensitive data (CVE-2026-32211) 2026-04-03 Security
Adversa — Claude Code deny rule bypass allows prompt injection of blocked commands 2026-04-01 Security
Anthropic — Three OS command injection vulnerabilities in Claude Code CLI and Agent SDK 2026-04-01 Security
arXiv — BadSkill: Agent Supply Chain Backdoor Attacks via Model-in-Skill Poisoning 2026-04-01 Security
Comment and Control — Prompt Injection to Credential Theft in Claude Code, Gemini CLI, and Copilot Agent 2026-04-01 Security
Google DeepMind — AI Agent Traps Taxonomy Reveals Six Critical Vulnerability Classes 2026-04-01 Security